CVE-2016-0713: XSS
First published: Thu Aug 31 2017(Updated: )
Gorouter in Cloud Foundry cf-release v141 through v228 allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks via vectors related to modified requests.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cloud Foundry CF Release | =141 | |
| Cloud Foundry CF Release | =142 | |
| Cloud Foundry CF Release | =143 | |
| Cloud Foundry CF Release | =144 | |
| Cloud Foundry CF Release | =145 | |
| Cloud Foundry CF Release | =146 | |
| Cloud Foundry CF Release | =147 | |
| Cloud Foundry CF Release | =148 | |
| Cloud Foundry CF Release | =149 | |
| Cloud Foundry CF Release | =150 | |
| Cloud Foundry CF Release | =151 | |
| Cloud Foundry CF Release | =152 | |
| Cloud Foundry CF Release | =153 | |
| Cloud Foundry CF Release | =154 | |
| Cloud Foundry CF Release | =155 | |
| Cloud Foundry CF Release | =156 | |
| Cloud Foundry CF Release | =157 | |
| Cloud Foundry CF Release | =158 | |
| Cloud Foundry CF Release | =159 | |
| Cloud Foundry CF Release | =160 | |
| Cloud Foundry CF Release | =161 | |
| Cloud Foundry CF Release | =162 | |
| Cloud Foundry CF Release | =163 | |
| Cloud Foundry CF Release | =164 | |
| Cloud Foundry CF Release | =165 | |
| Cloud Foundry CF Release | =166 | |
| Cloud Foundry CF Release | =167 | |
| Cloud Foundry CF Release | =168 | |
| Cloud Foundry CF Release | =169 | |
| Cloud Foundry CF Release | =170 | |
| Cloud Foundry CF Release | =171 | |
| Cloud Foundry CF Release | =172 | |
| Cloud Foundry CF Release | =173 | |
| Cloud Foundry CF Release | =174 | |
| Cloud Foundry CF Release | =175 | |
| Cloud Foundry CF Release | =176 | |
| Cloud Foundry CF Release | =177 | |
| Cloud Foundry CF Release | =178 | |
| Cloud Foundry CF Release | =179 | |
| Cloud Foundry CF Release | =180 | |
| Cloud Foundry CF Release | =181 | |
| Cloud Foundry CF Release | =182 | |
| Cloud Foundry CF Release | =183 | |
| Cloud Foundry CF Release | =184 | |
| Cloud Foundry CF Release | =185 | |
| Cloud Foundry CF Release | =186 | |
| Cloud Foundry CF Release | =187 | |
| Cloud Foundry CF Release | =188 | |
| Cloud Foundry CF Release | =189 | |
| Cloud Foundry CF Release | =190 | |
| Cloud Foundry CF Release | =191 | |
| Cloud Foundry CF Release | =192 | |
| Cloud Foundry CF Release | =193 | |
| Cloud Foundry CF Release | =194 | |
| Cloud Foundry CF Release | =195 | |
| Cloud Foundry CF Release | =196 | |
| Cloud Foundry CF Release | =197 | |
| Cloud Foundry CF Release | =198 | |
| Cloud Foundry CF Release | =199 | |
| Cloud Foundry CF Release | =200 | |
| Cloud Foundry CF Release | =201 | |
| Cloud Foundry CF Release | =202 | |
| Cloud Foundry CF Release | =203 | |
| Cloud Foundry CF Release | =204 | |
| Cloud Foundry CF Release | =205 | |
| Cloud Foundry CF Release | =206 | |
| Cloud Foundry CF Release | =207 | |
| Cloud Foundry CF Release | =208 | |
| Cloud Foundry CF Release | =209 | |
| Cloud Foundry CF Release | =210 | |
| Cloud Foundry CF Release | =211 | |
| Cloud Foundry CF Release | =212 | |
| Cloud Foundry CF Release | =213 | |
| Cloud Foundry CF Release | =214 | |
| Cloud Foundry CF Release | =215 | |
| Cloud Foundry CF Release | =216 | |
| Cloud Foundry CF Release | =217 | |
| Cloud Foundry CF Release | =218 | |
| Cloud Foundry CF Release | =219 | |
| Cloud Foundry CF Release | =220 | |
| Cloud Foundry CF Release | =221 | |
| Cloud Foundry CF Release | =222 | |
| Cloud Foundry CF Release | =223 | |
| Cloud Foundry CF Release | =224 | |
| Cloud Foundry CF Release | =225 | |
| Cloud Foundry CF Release | =226 | |
| Cloud Foundry CF Release | =227 | |
| Cloud Foundry CF Release | =228 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bosh.io/releases/github.com/cloudfoundry/cf-release?version=229
- https://lists.cloudfoundry.org/archives/list/cf-dev@lists.cloudfoundry.org/thread/VWDLUNTDKW5CW5JWEM5BOHLJ3J32TAFF/
- https://lists.cloudfoundry.org/archives/list/cf-dev%40lists.cloudfoundry.org/thread/VWDLUNTDKW5CW5JWEM5BOHLJ3J32TAFF/
Frequently Asked Questions
What is the severity of CVE-2016-0713?
CVE-2016-0713 has a medium severity level due to its potential for enabling man-in-the-middle attacks and leading to cross-site scripting vulnerabilities.
How do I fix CVE-2016-0713?
To fix CVE-2016-0713, users should upgrade to a patched version of the Cloud Foundry cf-release, specifically version 229 or later.
What software versions are affected by CVE-2016-0713?
CVE-2016-0713 affects Cloud Foundry cf-release versions from 141 through 228.
What type of attack does CVE-2016-0713 allow?
CVE-2016-0713 allows man-in-the-middle attackers to execute cross-site scripting (XSS) attacks through modified requests.
How can I identify if my Cloud Foundry installation is vulnerable to CVE-2016-0713?
You can identify if your installation is vulnerable to CVE-2016-0713 by checking the current version of cf-release and seeing if it falls between versions 141 and 228.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- vendor/cloudfoundry
- canonical/cloud foundry cf release
- version/cloud foundry cf release/141
- version/cloud foundry cf release/142
- version/cloud foundry cf release/143
- version/cloud foundry cf release/144
- version/cloud foundry cf release/145
- version/cloud foundry cf release/146
- version/cloud foundry cf release/147
- version/cloud foundry cf release/148
- version/cloud foundry cf release/149
- version/cloud foundry cf release/150
- version/cloud foundry cf release/151
- version/cloud foundry cf release/152
- version/cloud foundry cf release/153
- version/cloud foundry cf release/154
- version/cloud foundry cf release/155
- version/cloud foundry cf release/156
- version/cloud foundry cf release/157
- version/cloud foundry cf release/158
- version/cloud foundry cf release/159
- version/cloud foundry cf release/160
- version/cloud foundry cf release/161
- version/cloud foundry cf release/162
- version/cloud foundry cf release/163
- version/cloud foundry cf release/164
- version/cloud foundry cf release/165
- version/cloud foundry cf release/166
- version/cloud foundry cf release/167
- version/cloud foundry cf release/168
- version/cloud foundry cf release/169
- version/cloud foundry cf release/170
- version/cloud foundry cf release/171
- version/cloud foundry cf release/172
- version/cloud foundry cf release/173
- version/cloud foundry cf release/174
- version/cloud foundry cf release/175
- version/cloud foundry cf release/176
- version/cloud foundry cf release/177
- version/cloud foundry cf release/178
- version/cloud foundry cf release/179
- version/cloud foundry cf release/180
- version/cloud foundry cf release/181
- version/cloud foundry cf release/182
- version/cloud foundry cf release/183
- version/cloud foundry cf release/184
- version/cloud foundry cf release/185
- version/cloud foundry cf release/186
- version/cloud foundry cf release/187
- version/cloud foundry cf release/188
- version/cloud foundry cf release/189
- version/cloud foundry cf release/190
- version/cloud foundry cf release/191
- version/cloud foundry cf release/192
- version/cloud foundry cf release/193
- version/cloud foundry cf release/194
- version/cloud foundry cf release/195
- version/cloud foundry cf release/196
- version/cloud foundry cf release/197
- version/cloud foundry cf release/198
- version/cloud foundry cf release/199
- version/cloud foundry cf release/200
- version/cloud foundry cf release/201
- version/cloud foundry cf release/202
- version/cloud foundry cf release/203
- version/cloud foundry cf release/204
- version/cloud foundry cf release/205
- version/cloud foundry cf release/206
- version/cloud foundry cf release/207
- version/cloud foundry cf release/208
- version/cloud foundry cf release/209
- version/cloud foundry cf release/210
- version/cloud foundry cf release/211
- version/cloud foundry cf release/212
- version/cloud foundry cf release/213
- version/cloud foundry cf release/214
- version/cloud foundry cf release/215
- version/cloud foundry cf release/216
- version/cloud foundry cf release/217
- version/cloud foundry cf release/218
- version/cloud foundry cf release/219
- version/cloud foundry cf release/220
- version/cloud foundry cf release/221
- version/cloud foundry cf release/222
- version/cloud foundry cf release/223
- version/cloud foundry cf release/224
- version/cloud foundry cf release/225
- version/cloud foundry cf release/226
- version/cloud foundry cf release/227
- version/cloud foundry cf release/228